Hacking and malware explained

The use of the Internet also brings dangers. Malware can cause enormous damage to private users and companies, such as data loss or a breakdown of services. By following certain rules of conduct in combination with technical precautions, one's own data can be protected against hacking attacks.

Hacking

Hacking is the penetration of someone else's computer system by one or more hackers. In most cases, hackers exploit unnoticed security vulnerabilities. Once they have gained access to the computer system and the intrusion goes unnoticed, the hacker or collective can change the contents and structures of the system at will. The motives of the hackers, as well as the consequences of such an attack for the affected computer system, can vary greatly.

Malware

Malware comes into play when, after an attack, hackers have gained access to a website, an e-mail account or a computer and carry out malicious actions on those systems. Malicious files sent in e-mails or placed on websites are an additional gateway for malware.

Different forms of hacking

Hackers penetrate websites, for example, to steal sensitive data stored on the servers. If the website is hacked in order to resell valuable data (e.g. credit card information), commercial motives are in the foreground.

If, on the other hand, the goal is to make the stolen data accessible to a broad public in order to draw attention to alleged grievances, this is referred to as "hacktivism" (hack + activism). These "hacktivists" act out of political or religious motives and use the hacked website as a virtual protest to draw attention to their concerns and goals. In politically motivated hacking, the websites of companies or of persons in the public eye are often defaced; this is known as the "defacement" of a website. Such actions mean not only damage to the image of those affected, but usually also considerable financial losses.

Hackers often target not only websites but also e-mail accounts. Unauthorized intrusion into other people's e-mail accounts, known as "account hijacking," makes it possible not only to steal confidential data but also to use the hacked account to distribute unwanted spam.

Malware distribution

E-mails are frequent carriers of malware. Malware-infected e-mails ask the recipient to open an attached file or click on a certain link. Once the recipient does so, malware is automatically installed on their computer, where it can copy, destroy, block or modify data.

[Figure: Malware by category, according to Wikipedia]

However, a computer can also become infected with malware by visiting a website. Such a website infection, better known as a drive-by infection, is triggered by a website that has been compromised for malware propagation. It is quite possible for reputable and frequently visited websites to be among them.

Different forms of malware

Malware is a generic term and includes various malicious computer programs such as viruses, worms or Trojan horses. By definition, all viruses and worms have a built-in malicious function that can affect computer systems in various ways. The effects range from harmless disruptions, to data loss, to hardware damage. In contrast, Trojan horses (often referred to as Trojans) work covertly and perform malicious actions while appearing to the user as a useful application or file. In this way, Trojans can block a computer, encrypt personal data and control sessions (e.g. e-banking).

The example of ransomware shows how Trojans work and what effects they can have. Ransomware, also known by the more common terms extortion Trojan or encryption Trojan, is a specific family of malware that encrypts files on the computer and on connected network drives and renders them unusable. Those affected can no longer use their computers, and access to their personal data is blocked. This is indicated by a lock screen, which states that a certain amount of money in the form of an Internet currency (e.g. Bitcoins) has to be paid to the hackers so that they release the encrypted files and the computer can be used again. The use of an Internet currency makes it more difficult to track down the perpetrator: the payment is anonymous because no bank account is needed to make or receive payments in an Internet currency. Moreover, anyone who agrees to the hackers' extortionate demands has no guarantee of regaining access to the encrypted files.

While home users can no longer access their personal data, such as vacation photos, in the event of a ransomware incident, the impact on businesses is usually much more serious. Often, business-critical data such as contracts, customer and accounting data are encrypted and thus rendered unusable.

What do the police do?

The search for cyber criminals often proves to be very time-consuming or even impossible. This is another reason why it is important to protect yourself against such attacks. If something does happen, contact your cantonal police immediately. In the course of proceedings, the damaged computers will be confiscated as evidence and cannot be used for a certain period of time.

Copyright 2021 Suisse Key All Rights Reserved.